What Are Your HIPAA Compliance Requirements?

You may have worked with companies that promise solutions, but fail to deliver. SecurityMetrics helps you identify which HIPAA requirements apply to your organization and guides you through HIPAA compliance. SecurityMetrics' unmatched support helps you every step of the way on your path towards HIPAA compliance. When you partner with SecurityMetrics, you will love our detailed work and world-class support.

Here's what our customers are saying

SecurityMetrics spent a great deal of time with me so that I felt confident and comfortable. I feel they went above and beyond. THANK YOU SECURITYMETRICS!

Billye Jo Ritchey, Effingham Surgical Associates

I appreciate the expert help from SecurityMetrics as our office worked through understanding the HIPAA regulations. The staff was knowledgeable and very helpful.

Kathy M., Dr. Mike Bloom

SecurityMetrics gave me the support and help to quickly review my HIPAA compliance. A great and easy experience.

David Hunt, DPT, OCS, Elevate Fitness and Rehab

The person that I spoke with was very thorough and explained any questions that I didn't understand.

Stop wondering if your compliance efforts are going to waste. SecurityMetrics guides you down a path to compliance and provides peace of mind in knowing you have taken the appropriate steps to protect your patients and organization from data compromise.

Our solutions not only simplify your compliance efforts today, but also provide the resources and education needed to create lasting data security protection for tomorrow.

Without proper support, even the best security tools will do little to protect your patient data. SecurityMetrics combines innovative data security tools with award-winning customer support to help guide your organization to compliance and maximize the security benefits of your HIPAA efforts.

Healthcare experts shouldn't have to be security experts. Over the past decade we've helped more than one million organizations secure data and comply with various mandates. When you partner with SecurityMetrics, you have confidence that a solution to your compliance problems is never more than a phone call away.

What Does HIPAA Stand For?

HIPAA stands for Health Insurance Portability and Accountability Act. It was enacted in 1996 and, among other things, protects patient health information.

Who must be HIPAA compliant?

The HIPAA Rules apply to two groups: covered entities and business associates. A covered entity is a health plan, health care clearinghouse, or health care provider that electronically transmits any health information. Examples of covered entities are:

Doctors

Dentists

Pharmacies

Health insurance companies

Company health plans

A business associate is a person or entity that performs certain functions or activities that involve the use or disclosure of protected health information on behalf of, or provides services to, a covered entity. Examples of business associates (whose services involve access to PHI) are:

CPA

Attorney

IT providers

Billing and coding services

Laboratories

For more detailed information on the definitions of a covered entity and a business associate, visit the Department of Health and Human Services (HHS) website.

HIPAA Privacy Rule

The HIPAA Privacy Rule provides federal protections for personal health information and gives patients rights to their own protected health information (PHI). The Privacy Rule permits the disclosure of PHI needed for patient care and other important purposes. The Privacy Rule applies to all healthcare providers, including those who do not use an Electronic Health Record (EHR) system, and includes all mediums: electronic, paper, and oral.

Privacy Rule Basics:

Spells out administrative responsibilities

Discusses written agreements between covered entities and business associates

Discusses the need for privacy policies and procedures

Describes employer responsibilities to train workforce members and implement requirements regarding their use and disclosure of PHI.

Privacy Rule Examples

Train all employees on its privacy policies and procedures

Properly dispose of documents containing protected health information

Secure medical records with lock and key or pass code

Create a procedure so that individuals know to whom they can submit a complaint about a covered entity's compliance with the Privacy Rule

HIPAA Security Rule

The HIPAA Security Rule requires covered entities, business associates, and their subcontractors to become HIPAA compliant by implementing safeguards to protect electronic protected health information (ePHI) that is created, received, or maintained. It specifies a series of administrative, physical, and technical safeguards to ensure the confidentiality, integrity, and availability of ePHI. Most violations of the HIPAA Security Rule result from businesses not following policies and procedures to safeguard ePHI, thus preventing them from becoming HIPAA compliant.

Supports the Privacy Rule requirement to reasonably safeguard PHI in all forms

Security Rule Examples:

Designate a security officer who is responsible for compliance

Create policies and procedures that explain proper use of workstations and electronic media

Ensure all employees have unique passwords

Limit physical access to the covered entity's facilities


Let Us Help You Start HIPAA Compliance.

We've helped over 800,000 businesses with data security and compliance.
